<?
/**
* Copyright (c) 2002-2007 BioWare Corp.
* http://www.bigdaddymonitor.org
*
* This file is part of the BigDaddy Monitoring
* program. It is free software distributed under
* the terms of the BSD License. It is ditributed
* in the hopes that it will be useful, but
* WITHOUT ANY WARRANTY; without event the implied
* warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE.
*
* The BSD License is available from:
* http://www.opensource.org/licenses/bsd-license.php
**/
/**
 * Login Script
 * @author Duleepa Wijayawardhana <dups@bioware.com>
 * @version September 2006
 *
 * Runs all the login code and logs a user/sets a session
 */

$UserSession = new UserSession();


if ($_GET["lgo"]==1)
{
    $UserSession->DestroySession();
    header("Location: ".$_SERVER["PHP_SELF"]);
    exit;
}

if (defined("SSO_ENABLE") && SSO_ENABLE==1 && $_SERVER["REMOTE_USER"]!="")
{
	//It must be ine the form dups@BIOWARE.COM
	if (preg_match("/([a-zA-Z]+)@".SSO_DOMAIN."/", $_SERVER["REMOTE_USER"], $aMatches))
	{
		$sUsername=strtolower($aMatches[1]);
		
		//Login Successful
        //Set up session
        $session->SetSession($sUsername);
		
		if ($session->active==0)
		{
			die("Fatal: Database does not match Active Directory. Please contact SysAdmin.");
		}
		//Define a constant to show that this is a SSO Login.
		define("SSO_LOGIN", true);
	}
	else
	{
		$session->active=0;
	}
	
	unset($sUsername);
	unset($aMatches);
	
}
	
//Check to see if session is active
elseif ($_SESSION["sessdata"]["session_active"]==true)
{
    //Set up session
    $UserSession->SetSession($_SESSION["sessdata"]["session_username"]);
    if ($UserSession->active==0)
    {
        die("Fatal: Database could not authenticate for some reason, credentials may be false. Please contact SysAdmin.");
    }
    
}
else //We need to check credentials
{
		
    if ($_POST["loginUsername"]!="" && $_POST["loginPassword"]!="")
    {
        
        if (defined("MYSQL_AUTH_ONLY") && MYSQL_AUTH_ONLY == 1)
        {
            $UserSession->AuthenticateMySQL($_POST["loginUsername"], $_POST["loginPassword"]);
        }
        else
        {
            $UserSession->AuthenticateLDAP($_POST["loginUsername"], $_POST["loginPassword"]);
        }
			
        if ($UserSession->active==1)
        {
            $UserSession->SetSession($_POST["loginUsername"]);
            if ($UserSession->active==1)
            {
                $_SESSION["sessdata"]["session_active"]=true;
                $_SESSION["sessdata"]["session_username"]=LOGGEDIN_USERNAME;
                if ($_POST["page"]!="")
                {
                    header("Location: http://".$_POST["host"].$_POST["page"]."?".$_POST["query"]);
                    exit;
                }
            }
				
            if ($UserSession->active==0)
            {
                die("Fatal: Database could not authenticate for some reason, credentials may be false. Please contact SysAdmin.");
            }

		}
        else
        {
            require(LOGIN_FORM);
            exit;
        }
	}
    else
    {
        require(LOGIN_FORM);
        exit;
    }
}


if ($UserSession->active==1)
{
	$Role = new Role();
    require_once(CLASS_BIGDADDY);
    require_once(CLASS_BIGDADDY_CONTROL);
    require_once(CLASS_BIGDADDY_DISPLAY);
    require_once(CLASS_BIGDADDY_HISTORY);
    require_once(CLASS_BIGDADDY_DATA);


    $BigDaddy = new BigDaddy;
    $BigDaddyControl = new BigDaddyControl;
    $BigDaddyData = new BigDaddyData;
    $BigDaddyHistory = new BigDaddyHistory;
    $BigDaddyDisplay = new BigDaddyDisplay;
}




?>
